China's government isn't just giving the boot to foreign operating systems; it's doing the same for security software, too. A national procurement agency has dropped Kaspersky and Symantec from its antivirus supplier list, leaving only Chinese companies as options. It's not clear that the move is directly linked to the country's concerns about foreign software being used for espionage. Kaspersky tellsReuters that it's in "conversations with authorities" about the move, but there isn't an official statement on the subject just yet. It wouldn't be shocking if there was a connection, however, since security tools are at the very heart of China's fears. The real surprise is the nature of the targets -- while many would expect China to distrust an American outfit like Symantec, it may be treating a Russian developer (Kaspersky) with a similar level of suspicion.

Update: Symantec says the list only applies to "certain types of procurement," and that it's not an out-and-out ban. Still, the company is looking into the report -- and any significant contract losses still represent significant problems.

Given how hard antivirus software makers push you to sign up, you'd think that business was booming. Far from it, according to Symantec's Brian Dye. He tells the Wall Street Journal that antivirus tools like his company's Norton suite are effectively "dead." The utilities now catch less than half of all attacks, according to the executive -- to him, the focus is on minimizing the damage whenever there's a successful hack or infection.

Most of us think we know the tale of Stuxnet: it's a possibly government-sponsored worm that played havoc with Iranian centrifuges in 2009, setting back the country's uranium enrichment program without involving any traditional weapons. Researchers at Symantec, however, now claim there's an untold narrative. They've discovered a Stuxnet 0.5 version that may have been in development or active as soon as November 2005, two years before the commonly accepted timeline. It first surfaced on trackers in November 2007, and would have created wider-ranging chaos at Iran's Natanz nuclear facility by closing vital pressure valves instead of using the subtler centrifuge technique.

Symantec also noticed that this pre-1.0 malware shares traits with the Flamer code base, putting it in the context of an even larger effort than seen so far. Moreover, it would have required extensive knowledge of the Natanz infrastructure -- this was no casual attack, according to the researchers. While we may never know exactly what prompted the revamp, IAEA evidence suggests that Stuxnet wasn't truly effective until the better-known version came into play. We mostly know that modern cyberwarfare had its fair share of growing pains -- and that it's not as fresh-faced as we assumed.

It seems Stuxnet and Flame aren't the only out-of-control cyber-weapons roaming around the Middle East. Security researchers from Symantec and Kaspersky have found that the Flame malware had the electronic equivalent of a "handler," a program called NEWSFORYOU, which is also in charge of three further viruses that are code-named SP, SPE and IP. The trio have yet to be analyzed, because although a cache of data has been discovered on a command-and-control server, decoding it has proved "virtually impossible." While both security companies have declined to point a finger as to the viruses' origin, Reuters' sources suggest they're from the United States, while The Washington Post has been told that the project was a joint-enterprise with Israel -- in keeping with the existing narrative that this is the pair behind Stuxnet.

The folks behind that nasty Flame trojan that burned its way through the Middle East aren't the kind to brag -- the malware's manufacturers apparently started dousing their own fire last week. According to Symantec reports, several compromised machines retrieved a file named browse32.ocx from Flame controlled servers, which promptly removed all traces of the malware from the infected systems. Although the attackers seem spooked, Microsoft isn't taking any chances, and has issued a fix to its Windows Server Update Services to block future attacks. The update hopes to protect networked machines from a similar attack by requiring HTTPS inspection servers to funnel Windows update traffic through an exception rule, bypassing its inspection. The attackers? "They're trying to cover their tracks in any way they can," Victor Thakur, principal security response manager at Symantec told the LA Times, "They know they're being watched." Check out the source link below for the Symantec's run down of the trojan's retreat.

Norton's Identity Safe is a free online service that aims to end the curse of forgotten passwords. If you've got a few social networking accounts, then keeping track of all your keys can be tough. This service remembers all of your log-in details and inputs them automatically when you next visit. It'll warn you about malicious websites and even lock away sensitive data (credit card numbers, social security codes) so if your paperwork goes missing -- you aren't in too much trouble. The companion smartphone / tablet app offers the same integration across all of your devices and is available now for Windows, OS X, iOS and Android gear from today.

]]>
Mon, 23 Apr 2012 16:29:00 -040021|20222065http://www.engadget.com/2012/02/09/hacker-spites-symantec-puts-pcanywheres-source-code-out-in-the/%3Futm_medium%3Dfeed%26utm_source%3DFeed_Classic%26utm_campaign%3DEngadget%26ncid%3Drss_semi
http://www.engadget.com/2012/02/09/hacker-spites-symantec-puts-pcanywheres-source-code-out-in-the/http://www.engadget.com/2012/02/09/hacker-spites-symantec-puts-pcanywheres-source-code-out-in-the/%3Futm_source%3DFeed_Classic%26utm_medium%3Dfeed%26utm_campaign%3DEngadget%23commentsSymantec said that folks running its pcAnywhere utility were at an "increased risk" when it revealed that the company had been hacked and its source codes pilfered, and advised customers to stop using pcAnywhere for the time being. Sage advice, as a hacker with the handle YamaTough -- who's affiliated with Anonymous -- helped do the deed and has now published the code for all the world to see. Apparently, the hacker and hackee had attempted to broker a deal for $50,000 to keep the code private, but neither side negotiated in good faith -- YamaTough always intended to release the code, and law enforcement was doing the talking for Symantec to catch him and his hacking cohorts. The good news is, Symantec has released several patches to protect pcAnywhere users going forward. As for the stolen code for Norton Antivirus, Internet Security and other Symantec software? Well, the company's expecting it to be disclosed, too, but because the code is from 2006, customers with current versions can rest easy.

]]>
Thu, 09 Feb 2012 09:24:00 -050021|20167804http://www.engadget.com/2012/01/26/source-code-theft-prompts-symantec-to-issue-warning-to-customers/%3Futm_medium%3Dfeed%26utm_source%3DFeed_Classic%26utm_campaign%3DEngadget%26ncid%3Drss_semi
http://www.engadget.com/2012/01/26/source-code-theft-prompts-symantec-to-issue-warning-to-customers/http://www.engadget.com/2012/01/26/source-code-theft-prompts-symantec-to-issue-warning-to-customers/%3Futm_source%3DFeed_Classic%26utm_medium%3Dfeed%26utm_campaign%3DEngadget%23commentsSecurity software publisher Symantec has confirmed it was the victim of a cyber attack, resulting in the theft and disclosure of product source code. Earlier this month, the online-collective Anonymous stated, via Twitter, that it possessed portions of the code in question and planned to release it in support of a class-action lawsuit filed by consumers -- the suit claims Symantec employed scare tactics to encourage users to purchase its wares. Via its website, the company affirmed Anonymous' claims, citing a source code heist dating back to 2006. The post goes on to suggest that users running Norton Antivirus Corporate Edition, Norton Internet Security, Norton SystemWorks, Symantec Endpoint Protection 11.0, or Symantec AntiVirus 10.2 apply the latest maintenance patches. If you have the company's pcAnywhere solution deployed, Symantec suggests only using it for "business critical purposes," as this software is "at increased risk." Those looking to stay up-to-date on the breach and what Symantec is doing to ameliorate its effects can get the blow-by-blow from the source link below.

]]>
Thu, 26 Jan 2012 13:45:00 -050021|20157456http://www.engadget.com/2011/06/29/symantec-report-on-mobile-security-concludes-ios-and-android-bot/%3Futm_medium%3Dfeed%26utm_source%3DFeed_Classic%26utm_campaign%3DEngadget%26ncid%3Drss_semi
http://www.engadget.com/2011/06/29/symantec-report-on-mobile-security-concludes-ios-and-android-bot/http://www.engadget.com/2011/06/29/symantec-report-on-mobile-security-concludes-ios-and-android-bot/%3Futm_source%3DFeed_Classic%26utm_medium%3Dfeed%26utm_campaign%3DEngadget%23comments
In Symantec's bleak, dystopian world, it doesn't matter whether you choose Android or iOS -- you'll be making yourself vulnerable to attacks regardless of the camp you're in. The company just concluded a study pitting iOS's security against Android's -- an undertaking intended mainly for corporate IT staffs trying to figure out which devices they can safely issue to employees. (Curiously, despite the enterprise focus, you won't find a single comparison against BlackBerrys.) Although iOS won higher marks when it came to thwarting traditional malware and showed a more modest advantage in terms of data loss, data integrity, and service attacks, the two platforms proved equally adept at preventing web-based attacks -- and equally powerless to catch socially engineered ones. And when it came to implementing certain security measures, such as permissions-based controls, Android pulled ahead.

Ultimately, Symantec (which sells mobile security software of its own, by the by) concluded that both "are still vulnerable to many existing categories of attacks," not least because both platforms allow users to sync with third-party apps or web services that may or may not be secure themselves. Indeed, Symantec's thesis is that Apple's App Store approval process helps explain its lead in the malware-blocking department. Also, in shocking news, Symantec adds that people using jailbroken are especially attractive targets for attackers, and that these devices are as vulnerable as computers. Don't say no one warned you. Head past the break for a press release with a summary of the findings or, if you're curious, hit the source link for a PDF version of the full report.

]]>
Wed, 29 Jun 2011 17:00:00 -040021|19979682http://www.engadget.com/2011/02/15/intel-working-with-symantec-and-vasco-for-ipt-hardware-based-se/%3Futm_medium%3Dfeed%26utm_source%3DFeed_Classic%26utm_campaign%3DEngadget%26ncid%3Drss_semi
http://www.engadget.com/2011/02/15/intel-working-with-symantec-and-vasco-for-ipt-hardware-based-se/http://www.engadget.com/2011/02/15/intel-working-with-symantec-and-vasco-for-ipt-hardware-based-se/%3Futm_source%3DFeed_Classic%26utm_medium%3Dfeed%26utm_campaign%3DEngadget%23comments
Phishers are getting so good and so numerous that even the most technically adept of online bankers should think twice before typing in that password. Even if it's a legit site, databases can be infiltrated and passwords can be cracked. Time for something more, then. Intel is working on it, teaming up with Symantec and Vasco on what's being broadly termed Identity Protection Technology, or IPT. This tech enables a computer to, in hardware, generate a one-time password (OTP) that a compatible site could accept. That computer would have been earlier paired with the site to ensure that only authorized machines sign on. It's similar to the random generating key fobs you might need to sign on to VPN, but built in to Intel's Core i3, i5, and i7 processors. Of course, that won't help if you e-mail your credit card number to a supposed friend who's supposedly stranded in some supposedly far away land, but it's progress.

]]>
Tue, 15 Feb 2011 04:28:00 -050021|19842913http://www.engadget.com/2010/12/09/intellectual-ventures-begins-tech-patent-offensive-files-three/%3Futm_medium%3Dfeed%26utm_source%3DFeed_Classic%26utm_campaign%3DEngadget%26ncid%3Drss_semi
http://www.engadget.com/2010/12/09/intellectual-ventures-begins-tech-patent-offensive-files-three/http://www.engadget.com/2010/12/09/intellectual-ventures-begins-tech-patent-offensive-files-three/%3Futm_source%3DFeed_Classic%26utm_medium%3Dfeed%26utm_campaign%3DEngadget%23commentsWe've always wondered why former Microsoft CTO Nathan Mhyrvold was stockpiling patents at his new company Intellectual Ventures, and it looks like we're starting to find out why: in addition to licensing the entire portfolio to HTC and Samsung, IV's just filed its first three patent lawsuits against nine tech companies. Details are sparse, but the first suit is against Symantec, McAfeee, Trend Micro, and Check Point Software, the second names Elpida Memory and Hynix, and the third is against Altera, Lattice Semiconductor, and Microsemi. We'd assume the patents in question are all super-technical in nature, but it's really not the specifics we're interested in -- it's more the fact that IV is starting to flex some muscle in the tech world, and that means a lot of money could change hands real fast. We'll see what happens.

You know what? Snoop has really done more than any technology company has to bring products to new audiences. Back in fifth grade we had no idea what indo was or why anyone would ever want to combine gin and juice; 3 weeks after "Doggystyle" came out we were hooked on both. At the beginning of last year we couldn't fathom our Grandpas asking Snoop for directions in the Caddy...but it happened. So why not make the leap to, you know, hawking desktop and internet security to urban markets? Symantec's Hack is Wack campaign aims to "bring the attention level up...just try to make people aware that these [cyber] crimes are happening." Snoop invites you to "raise awareness by making a rap song about cyber crimes" and uploading a video for judgment on "originality, creativity and message." The winner gets a pair of tickets to see Snoop, a chance to meet his "mgmt/agent" and a Toshiba laptop. It's been a while since we hit the mic or had any antivirus software installed, but he's got us thinking pretty hard about throwing down some rhymes and our credit cards for a copy of Norton 360 v4.0.

This statistic may or may not come as a surprise, depending on how closely you monitor your email inbox. Symantec has released an estimate that 92 percent of all email is spam, up from 89 percent last year. The good news? Phishing attacks declined 5 percent this year, and if we had to make a guess, we'd say attacks of listening to Phish are on an upswing. Check out another one of our favorite example spams below.

It's not the sort of title any city's looking for, but Symantec has now given Shaoxing, China the dubious honor of being the world's malware capital, saying that it accounts for more targeted attacks than any other city. In fact, the company found that while close to 30 percent of all malicious attacks came from China (making it the number one country), 21.3 percent came just from Shaoxing. It was followed by Taipei at 16.5 percent, and London at 14.8 percent. Following China in the country rankings is Romania with 21.1 percent of attempted attacks (most of those are said to be commercial fraud), and the United States at 13.8 percent. That's actually just part of a larger report by Symantec's MessageLabs division, which details everything from the most common types of email attachments (.XLS and .DOC are neck and neck for the lead) to the percentage of emails that contain a virus of phishing attack (one in 358.3 and one in 513.7, respectively). Dive into the PDF linked below for the complete details.

]]>
Mon, 29 Mar 2010 06:41:00 -040021|19417405http://www.engadget.com/2007/11/23/symantec-mcafee-announce-new-mobile-security-wares/%3Futm_medium%3Dfeed%26utm_source%3DFeed_Classic%26utm_campaign%3DEngadget%26ncid%3Drss_semi
http://www.engadget.com/2007/11/23/symantec-mcafee-announce-new-mobile-security-wares/http://www.engadget.com/2007/11/23/symantec-mcafee-announce-new-mobile-security-wares/%3Futm_source%3DFeed_Classic%26utm_medium%3Dfeed%26utm_campaign%3DEngadget%23comments
As unfortunate as it is that the world needs such products, the mobile antivirus industry is actually pretty well matured at this point with offerings from big players like McAfee and Kapersky already several versions deep. Both McAfee and Symantec have chosen this week to announce their latest mobile goods; in McAfee's case, it's really just a rehashing of the company's existing VirusScan Mobile software, which is now available to purchasers of its Triple Play offer for comprehensive security from PC to phone and offers protection for Windows Mobile 5 and 6 devices. Symantec meanwhile is introducing its Norton Smartphone Security software, which it claims to be the first to offer protection for Windows Mobile and Symbian devices in a single product. Grab it now (don't want the baddies infecting your N95, do ya?) for $29.99 for a 1-year subscription.

]]>
Fri, 23 Nov 2007 17:43:00 -050021|1046428http://www.engadget.com/2007/10/04/symantec-redefines-viral-marketing-with-costumed-norton-fighter/%3Futm_medium%3Dfeed%26utm_source%3DFeed_Classic%26utm_campaign%3DEngadget%26ncid%3Drss_semi
http://www.engadget.com/2007/10/04/symantec-redefines-viral-marketing-with-costumed-norton-fighter/http://www.engadget.com/2007/10/04/symantec-redefines-viral-marketing-with-costumed-norton-fighter/%3Futm_source%3DFeed_Classic%26utm_medium%3Dfeed%26utm_campaign%3DEngadget%23comments
So we've heard of viral marketing before, but marketing with anthropomorphic viruses? Well sure enough, Symantec's latest Japanese campaign for its 360 antivirus software pits costumed "trojan horses" and "worms" against the Mighty Morphin Power Rangers-esque Norton Fighter: vigilant protector of truth, justice, and hard drives worldwide (those with valid Norton subscriptions, at least). You can watch an Akihabara street play featuring Japan's latest superhero after the break, but for the best effect, check out the full-screen flash mini-site by following the Read link...

]]>
Thu, 04 Oct 2007 09:41:00 -040021|1005201http://www.engadget.com/2007/02/18/unofficial-patch-for-treo-vulnerability-loosed/%3Futm_medium%3Dfeed%26utm_source%3DFeed_Classic%26utm_campaign%3DEngadget%26ncid%3Drss_semi
http://www.engadget.com/2007/02/18/unofficial-patch-for-treo-vulnerability-loosed/http://www.engadget.com/2007/02/18/unofficial-patch-for-treo-vulnerability-loosed/%3Futm_source%3DFeed_Classic%26utm_medium%3Dfeed%26utm_campaign%3DEngadget%23commentsIf you've been a bit paranoid of late after hearing that a blatant security hole was found in the now-deceasedPalm OS, help has unofficially arrived. Reportedly discovered by Symantec, the vulnerability entailed a hole that allowed the operating system's Find functionality to be accessed even when the device was set to Locked, allowing ill-willed hackers to sift through text message history, calendar entries, tasks, etc. The hole had been confirmed on the Treo 650, 680, and 700p, but now users of the handsets can rest a bit easier after applying this patch. As expected, the update simply disables the Find feature, which essentially closes off the last remaining security loophole and protects prying eyes from seeing that backlog of steamy Valentine's Day texts. So if you're looking to unofficially patch things up with your Palm, be sure to hit the read link and get that install completed, but we're not the ones to come crying to if something goes awry.